package com.aurora.CETManagementSystem.controller;

import com.aurora.CETManagementSystem.mapper.AccountMapper;
import com.aurora.CETManagementSystem.mapper.UserInfoMapper;
import com.aurora.CETManagementSystem.pojo.Account;
import com.aurora.CETManagementSystem.pojo.UserInfo;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;


import javax.annotation.Resource;
import javax.servlet.http.HttpSession;

import java.util.*;

@Controller
public class LoginController {

    @Resource
    private AccountMapper accountMapper;

    @Resource
    private UserInfoMapper userInfoMapper;

    //登录
    @PostMapping("/login")
    public String login(@RequestParam("username") String username, @RequestParam("password") String password, Model model,HttpSession session){
        //获取当前的用户
        Subject subject = SecurityUtils.getSubject();
        //封装用户的登录数据
        UsernamePasswordToken token = new UsernamePasswordToken(username,password);

        //拿到令牌之后登录
        try{
            subject.login(token); //执行登录方法,如果没有异常,就说明登录成功了
            Account account = (Account) subject.getPrincipal();
            session.setAttribute("name", userInfoMapper.selectById(account.getId()).getName());
            session.setAttribute("account", account);


            return "redirect:/toDashBoard";
        }catch (UnknownAccountException e){ //用户名不存在
            model.addAttribute("msg","用户名不存在");
            return "index";
        }catch (IncorrectCredentialsException e){
            model.addAttribute("msg","密码错误");
            return "index";
        }
    }



    //登出 移除Session
    @RequestMapping("/logout")
    public String logout(HttpSession session){
        session.removeAttribute("account");
        SecurityUtils.getSubject().logout();
        return "index";
    }

    //注册功能
    @ResponseBody
    @PostMapping("/register")
    public String register(String username,String password,String checkpassword){
        System.out.println("test===>Controller:register()");

        if (username==null||username.trim().equals("")) {
            return "用户名不能为空!";
        }
        if (password == null||password.trim().equals("")) {
            return "密码不能为空!";
        }
        if (checkpassword == null||checkpassword.trim().equals("")) {
            return "确认密码不能为空!";
        }


        String regex = "^[a-zA-Z\\d]+$";

        //如果注册失败
        //用户名不合法
        if(!username.matches(regex)){
            return "用户名不合法!必须为字母和数字的组合!";
        }
        //注册时两次密码不一致.
        if(!password.equals(checkpassword)){
            return "确认密码不一致!";
        }

        //数据库中有用户名重复的账号
        Account account = accountMapper.selectOne(new QueryWrapper<Account>().eq("username", username));
        if(account!=null){
            return "账号已经被使用!";
        }


        //注册成功
        System.out.println("test=>>>注册成功!"+username+password);

        //获取前台传参 封装对象
        Account newAccount = new Account();
        newAccount.setUsername(username);
        newAccount.setPassword(password);
        //默认设置注册账号权限为学生
        newAccount.setPermission("student");


        //账号表插入
        accountMapper.insert(newAccount);


        //信息表插入
        UserInfo userInfo = new UserInfo();

        userInfo.setInfoId(newAccount.getId()); //外键约束.

        userInfoMapper.insert(userInfo);

        return "注册成功！";
    }



    //没有权限 给个msg
    @ResponseBody
    @RequestMapping("/unauthorized")
    public String unauthorized(){
        return "没有权限!";
    }



}
